network intelligence - dsci

©2018 Network Intelligence. All Rights Reserved. Network Intelligence Corporate Profile


Post on 02-Nov-2021


TRANSCRIPT

Page 1: Network Intelligence - DSCI


Network Intelligence Corporate Profile

Page 2: Network Intelligence - DSCI

The Network Intelligence Story

2001 2003 2004 2007 2008 2011 2012 2014 2016 2017 2018

• Company commences its operations
• Successfully developed first set of automation tools to differentiate service offerings
• Executed 1st International project for Dubai Stock Exchange
• Won first US customer (leading SIEM vendor)
• Presentation on Detection and Evasion of Web Application Attacks at Blackhat conference
• Awarded ISO 27001
• Delivery and Training Centres expanded
• NII is a certified PCI DSS QSA
• MSSP Services Launched
• NII acquires Torrid Networks
• Operations in Singapore started
• NII receives $5 million in funding from New York based Helix Investments valuing the company at $22 million
• Additional offices and partnerships signed up in UK, Europe and Australia
• Middle East Operations commenced
• Training Division Started
• Big data platform for Security Analytics – launched

Team Size

Year Team Size
2001 1
2003 5
2005 8
2007 10
2009 20
2011 30
2013 80
2015 170
2016 300
2017 400
2018 550

Page 3: Network Intelligence - DSCI

Organization Structure


PMO

Admin

IT

Subject Matter Experts

Consultants

EMEA

North America

India

APAC

Innovation & Research

Process Improvement

Development & Testing

Pre-Sales

Implementation & Support Services

Training Operations

Training Sales & Marketing

Training

Finance

Human Resource

Sales & Marketing

30 320 50 15 20 35 15

CEO

K. K. Mookhey

480+ Total Headcount

Security Monitoring

Incident Response & Threat Hunting

Vulnerability Management

Project Delivery Managed Security Services

Research & Development

Professional Services Training Support Services

Page 4: Network Intelligence - DSCI

Management Team & Board


KK Mookhey, Founder & CEO
KK provides the vision and direction for the firm, and has steered it from a one-man consulting shop started in 2001 to a global cybersecurity firm with an expansive portfolio of services. A technologist at heart, he enjoys dealing with complex security problems and developing solutions to client challenges. He is a qualified PCI QSA, CISA and CISSP.

Altaf Halde, Global Business Head
A seasoned cybersecurity professional with over two decades of experience in building businesses, Altaf spearheaded the South Asia business for Kaspersky for 7 years prior to joining the firm. In his previous stints he has run India business for companies such as Sophos, Utimaco and others. Highly passionate about cybersecurity, he combines sharp business acumen with a keen sense of humor.

Deep Chanda, Business Head (Americas)
Deep brings in over 13 years of sales and marketing experience in the cybersecurity space. Prior to joining NII, he led the Americas business for another PCI QSA company, and before that he was with American Express. At Network Intelligence, he focuses on growing our North America and LATAM business with special emphasis on PCI, MSSP, and Assessment services.

Munesh Ahuja, Global Delivery Head
Munesh brings more than 24 years of rich experience across multiple domains: Information Technology, Telecom, Business Process Outsourcing, BFSI and US Healthcare. Munesh is passionate about analysing data to build information while delivering successful customer stories. At Network Intelligence, he is responsible for delivery across our service lines of assessment, consulting and remediation. If Munesh is not at work, he is busy preparing for his next marathon.

Wasim Halani, Research & Development Head
Wasim started and has grown his career at the firm. Starting off as a penetration tester, Wasim started our research team in 2016, and since then has contributed significantly to new service lines, improvement of quality in existing service lines, and most importantly in the development of our big data platform with machine learning capability – BlueScope™. He also oversees the development team that works on Firesec™ – our security orchestration and automation platform.

David Danziger, Director
David Danziger is a Director of Helix Investments and also on the Board of Network Intelligence. He is also a co-founder and managing member of Culbro LLC. Mr. Danziger's previous experience was in marketing and finance. A graduate of Harvard College and Harvard Business School, Mr. Danziger serves on the boards of Griffin Industrial Realty Inc, TDBBS LLC, Med Emporium LLC and LearningMate Solutions Pvt. Ltd.

Page 5: Network Intelligence - DSCI

Consulting Services Portfolio


Assessment

• Web and Mobile Application
• Code Review
• Network Architecture
• Infrastructure Vulnerability Assessment
• IoT, Blockchain, Cloud Security
• Red Team Assessments
• Bug Bounty Programs
• Critical Infrastructure (ICS)
• Telecom Infrastructure
• ERP

GRC

• Cybersecurity Strategy
• Cybersecurity Maturity Assessment
• Risk Management
• Compliance Frameworks – NIST, GDPR, ISO 27001, PCI DSS, HIPAA, SSAE18, ISO 22301
• Policies and procedures
• Security Awareness
• CISO-as-a-Service

Technology Services

• Security Architecture Implementation
• Infrastructure Security Hardening
• Secure Cloud Migration
• Security Solution Selection and Evaluation
• Security Solutions Implementation and Support – WAF, PIM, DLP, EDR, DAM

Page 6: Network Intelligence - DSCI

MSSP Service Portfolio

• Security Monitoring & Incident Response
• Active Threat Hunting
• Red Team Assessment
• Security Assessment (Network, Web & Mobile Applications)
• SOC Maturity Assessment and SIEM Optimization
• Anti-Phishing Pro-active Monitoring & Take Down Service
• Digital Forensics & Malware Analysis
• SOC Automation
• Device Management


Page 7: Network Intelligence - DSCI

Technology Coverage

• Security Monitoring
• Security Analytics
• Vulnerability Management
• Web Application Firewalls
• Privileged ID Management
• Next Generation Firewalls
• Endpoint Security
• Data Leakage Prevention
• Cloud Security
• Active Threat Hunting


Page 8: Network Intelligence - DSCI

Marquee Clientele – Global


Leading analytics software company

Leading Spear-Phishing Company

Leading Backup Solution Provider

Leader in unified procurement and supply chain solutions

United Nations Children’s Fund

Leading IT software vendor

World Food Programme

International Fund for Agriculture Development

Leading Multinational Bank

Global Telecom Major

Walmart International Technology Giant Staples Volkswagen

Leading Analytics Company

Sony Corporation Hong Kong and Shanghai Banking Corporation Thomas Cook

VFS Global Leading Credit Bureau

Page 9: Network Intelligence - DSCI

Marquee Clientele – Asia


Largest Private Bank in the Country

Top 3 Oil & Gas Companies Leading Online Trading Platform Large Oil and Gas Company Large business conglomerate

Largest Stock Exchange 2nd Largest Stock Exchange Top 3 IT Vendors Large Pharmaceutical Company Top 5 Telecom Vendors

Leading Media Conglomerate International Technology Giant Leading Local Search Engine Top 5 Private Banks in the Country

Leading Analytics Company

2nd Largest Private Bank in the Country

Top 5 Private Banks in the Country

National Payment Switch Leading Online Travel Portal Leading Car Buying Portal

Page 10: Network Intelligence - DSCI

Marquee Clientele – EMEA


2nd Largest Bank in Saudi Arabia 2nd Largest Bank in UAE Large Global Front-Office Provider Large IT Vendor in Middle East

Top 10 Banks of UAE National Carrier of Kuwait Top 10 Banks of UAE Top 5 Banks of Qatar

Top 10 Banks of UAE Large IT Vendor in Middle East Top 10 Banks of UAE National Payment Switch of UAE

Top 10 Banks of UAE UAE Government Entity Large Hospitality Group Large IT Vendor in Middle East

Page 11: Network Intelligence - DSCI

Why customers love us?


Very glad to share with you that the NII team under the guidance of the Senior Security Consultant could support and make the WIFI security assessment a success without compromising on the security aspects and the patience in the countless discussions for WIFI security assessment. Would like to also acknowledge the good work done by Saurabh and Amit to make this happen.

CISO - Large Bank

We would like to express our sincerest & heartfelt gratitude for the hard work, dedication, customer service & professionalism shown by the consultants during the recent stabilization exercise. All 3 of them rotated in 8 hour shifts, sacrificed their fun (during a company picnic) and came out of the way to help us, when we needed them the most. They really have gone above & beyond and for this, we request NII to send us a quotation for professional services for the amount of time they spent here during this exercise.

CISO – Large Bank

“I am glad to intimate you that all the 3 personnel from NII have performed exceptionally well by showing great sense of dedication towards identification, follow up and closure of vulnerabilities. They have also been an example for other resources by being punctual everyday to office. It’s a pleasure to have these guys with us.”

Security Manager – Large Ecommerce Company

“The work related to this activity had coverage over Physical Security, Trading Systems, Network and Network Security; along with interactions with various people. However, the work also had an important part related to understanding the business we are in Stock Exchange; It was observed that [the Consultant] has been able to quickly learn and apply his knowledge and expertise to accomplish the verification of the business functions and requirements. This is rare and hence I am writing email of appreciation towards his work. We value his deployment for this project, his work has raised the bar of delivery expectations.”

CISO - Largest Stock Exchange

Page 12: Network Intelligence - DSCI

People Focus

• We wholeheartedly encourage all employees to pursue relevant opportunities to learn and enhance their skill-sets. We have our own Learning and Development portal which includes technical and non-technical study materials.

• Employees attend various security community events happening in their cities and also conduct sessions and present talks at such community meets (Bsides, OWASP, Null, etc.)

• Weekly internal knowledge sharing session on any cutting-edge topic, such as Blockchain, IoT, SCADA Security, etc.

• Training for new hires: All new hires have to undergo a compulsory training program.

Page 13: Network Intelligence - DSCI

Staff Certifications

Certifications Count

Certified Ethical Hacker 70

Offensive Security Certified Professional (OSCP) 12

Certified Information Systems Auditor 6

Certified Information Systems Security Professional (CISSP) 3

CREST Certified 2

PCI DSS Qualified Security Assessor (QSA) 6

ISO 27001 Lead Auditor / Lead Implementer 40

Cyberark/Imperva/QRadar/Arcsight Certified 20


Page 14: Network Intelligence - DSCI

Case Study – Big Data Analytics for Security

Client: Amongst Top Private Sector Banks in the country

The Need: Visa / MasterCard reported that the client’s ATM network has been breached putting 3.2Mn customers potentially at risk

Scope of work: Investigation at the ATM Switch (complex environment with multiple servers & firewalls along with an outsourced SOC)

01 Information Log

• 150 GB+ of logs on Day 1 & counting
• Varied log formats – at least 12 & counting
• Time pressure to analyse quickly & prove/disprove theories
• Client unwilling to send logs out of the network

02 Analytics Performed

• Failed Logins | Successful Logins | Processes executed | System Restart | Services Installed | Event Log cleared
• Schema Changes | Failed Logins | Successful Logins | All critical events
• Top Talkers | Top Destinations | Correlation with known IoCs | Entropy of destination domain names
• All changes | All critical events | Connectivity Ratios
• Frequency analysis of emails sent/received | Dump of all attachment names 2 months prior to the period of CPPs’ | Extract all attachments & conduct automated sandbox analysis
• Failed logins | Critical Kerberos events | Lateral movement signs | Changes to group policy

Slide labels: DATABASE, Firewall, AD Logs

03 Findings

• Narrowed down to the main server compromised
• Attackers’ modus operandi and toolkit used found
• Worked backwards to find out the other servers that were compromised
• Results delivered within 72 hours of onsite investigation


Page 15: Network Intelligence - DSCI

Case Study – Red Team Assessment

Client: Amongst Top 3 Banks in the country

Scope of Work:

• Red Team assessment to test Client’s defenses in a real world cyber attack scenario on their Retail & Corporate Internet Banking and Mobile Banking Systems
• Identify key loopholes in the security setup & action points to address them
• Build response, recovery and resiliency capability rather than traditional approach to identify, prevent & detect issues

Discovery: Map out systems and hunt for targets for compromise

Data Centre

Capture

• Compromise of Primary systems
• Capture of exposed data

Key Skills Used:

• Technical Hacking
• Physical Hacking
• Social Engineering

Infiltration Points:

• Headquarters / Bank Branches
• Internet Banking
• Users (Employees)

Exfiltration: Captured data sent to base in encrypted payloads

Key Findings

1. Access to senior management mailboxes
2. Access to customer financial transactions
3. Admin rights to SAP
4. Planted physical backdoor device in Client’s network

Key Strengths - NII

1. Fully Undetectable Malware
2. Social Engineering Skills
3. Hacking Skills
4. Team comprising Bounty Winners
5. Usage of Pwn Plug to access network


Page 16: Network Intelligence - DSCI

Our Products

Page 17: Network Intelligence - DSCI

Features


It is an automated solution for security device rule configuration analysis, optimization and compliance readiness. With Firesec you can determine compliance levels to PCI DSS, CIS Security Benchmarks, and other standards, as well as determine insecure rules, redundant rules, and unused rules that can help significantly optimize. We support most of the major firewall vendors, router, and switch vendors as well as the leading proxy products.

Analyze & Optimize rule bases

Uncover unused objects

Review Rules

Compliance Readiness

Customized user dashboard

Cherry pick reports sections

Configuration comparison

Log & Hit count Analysis

Multi-Vendor Support

Page 18: Network Intelligence - DSCI


It is an Elastic-powered big data platform for security analytics providing you the ability to mine massive amounts of data, do pattern detection, threat hunting and advanced forensics. The use cases are mapped to the MITRE ATT&CK framework and enable detection of advanced attacks on your organization.

Reduce false positives

Use cases mapped to MITRE ATT&CK framework

Scheduled reports and alerts

Discovery of bad actors via machine learning algorithms

Detect file-less malware and other adversary artefacts

Run advanced search and data discovery

Reports and Metrics

Capabilities

Threat Hunting

CISO Dashboards

Page 19: Network Intelligence - DSCI

Why partner with us

Page 20: Network Intelligence - DSCI

Why partner with us


Constantly innovating and adding new services and capabilities to the portfolio

Agile and customer-friendly service delivery philosophy

Capability extends beyond web and mobile apps to IoT, Blockchain, Cloud, and Critical Infrastructure security

Team of 480+ cybersecurity professionals and growing at 40-50% CAGR

Our engagement philosophy is a partnership model rather than transaction-based

Focus on detail and personalised attention

Well-established delivery process with focus on quality and timeliness of delivery

Reference customers across geographies and industry including marquee names

Strong OEM partnerships

Page 21: Network Intelligence - DSCI

NEW YORK | DUBAI | MUMBAI | PUNE | DELHI | BENGALURU | SINGAPORE
